Skip to main content

Cognos Disclosure Management

3 CVEs product

Monthly

CVE-2016-6077 MEDIUM PATCH This Month

IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity.

IBM Authentication Bypass Cognos Disclosure Management
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2015-5014 CRITICAL PATCH Act Now

IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

IBM Information Disclosure Cognos Disclosure Management
NVD
CVSS 2.0
9.3
EPSS
0.5%
CVE-2013-0501 CRITICAL Act Now

The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft IBM Cognos Disclosure Management
NVD
CVSS 2.0
9.3
EPSS
0.8%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

IBM Cognos Disclosure Management 10.2 could allow a malicious attacker to execute commands as a lower privileged user that opens a malicious document. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required, low attack complexity.

IBM Authentication Bypass Cognos Disclosure Management
NVD
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

IBM Information Disclosure Cognos Disclosure Management
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft IBM +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy